Hi Raphael,

I double-checked and it actually seems that there is some confusion with the FAQ: pf_ring currently supports perfect filters (8K-2) and 5-tuple filters (128). I will fix the FAQ to clarify this. Thank you for reporting.

Best Regards
Alfredo

> On 16 Aug 2018, at 17:03, Raphael Benedet <[email protected]> wrote:
>
> Hi Alfredo,
>
> pfring_add_hw_rule() is already the function I use. I modified the code of
> pfcount_82599.c to add rules of type intel_82599_perfect_filter_rule in a
> loop:
>
>   int i;
>   for (i = 10000; i < 40000; i++) {
>     memset(&rule, 0, sizeof(rule)), rule.rule_family_type = intel_82599_perfect_filter_rule;
>     rule.rule_id = rule_id++, perfect_rule->queue_id = -1, perfect_rule->proto = 17, /* 17 = UDP */
>     perfect_rule->d_port = i;
>     rc = pfring_add_hw_rule(pd, &rule);
>     if(rc != 0) {
>       printf("pfring_add_hw_rule(%d) failed [rc=%d]: did you enable the FlowDirector (ethtool -K ethX ntuple on)\n", rule.rule_id, rc);
>       break;
>     }
>   }
>
> And pfring_add_hw_rule fails after 8190 rule insertions.
>
> When using 5-tuple rules (intel_82599_five_tuple_rule), pfring_add_hw_rule
> fails after 128 rules. This is in line with the Intel 82599 data sheet
> (https://www.intel.com/content/dam/www/public/us/en/documents/datasheets/82599-10-gbe-controller-datasheet.pdf,
> page 292).
>
> So, I'm wondering which code to use to be able to insert the 32K filters you
> mention in the FAQ?
>
> Best Regards,
> Raphael
>
> On Thu, Aug 16, 2018 at 4:35 PM, Alfredo Cardigliano <[email protected]> wrote:
> Hi Raphael,
> please note that it is possible to use both filter types using the
> pfring_add_hw_rule() API:
> just set hw_filtering_rule.rule_family_type to intel_82599_five_tuple_rule or
> intel_82599_perfect_filter_rule and set the corresponding struct
> (intel_82599_five_tuple_filter_hw_rule / struct
> intel_82599_perfect_filter_hw_rule).
> Please see the sample code at
> https://github.com/ntop/PF_RING/blob/dev/userland/examples/pfcount_82599.c
>
> Alfredo
>
>> On 16 Aug 2018, at 16:22, Raphael Benedet <[email protected]> wrote:
>>
>> Hello,
>>
>> I'm trying to set up hardware filtering on an Intel X520 board. I wanted to
>> check how many filters I could set on this board, so I started from the
>> example pfcount_82599.c file and added a loop to add filters sequentially.
>> The function pfring_add_hw_rule fails after ~ 8K filters.
>>
>> On the PF_RING packets filtering page
>> (https://www.ntop.org/products/packet-capture/pf_ring/hardware-packet-filtering/),
>> the FAQ mentions that 32K filters are supported:
>>
>>   Q. How many filters a 82599-based card typically supports?
>>   A. You can have up to 32K hardware filters.
>>
>> I checked the Intel 82599 data sheet and the chapter "Flow Director Filters"
>> mentions both a limit of ~8K filters (the one I seem to hit) and ~32K
>> filters:
>>
>>   The 82599 support two types of filtering modes (static setting by the
>>   FDIRCTRL.PerfectMatch bit):
>>   • Perfect match filters — The hardware checks a match between the masked
>>     fields of the received packets and the programmed filters. Masked fields
>>     should be programmed as zeros in the filter context. The 82599 support up to
>>     8 K - 2 perfect match filters.
>>   • Signature filters — The hardware checks a match between a hash-based
>>     signature of the masked fields of the received packet. The 82599 supports up
>>     to 32 K - 2 signature filters.
>>
>> Do you know if there is a way to have access to these ~ 32K filters through
>> PF_RING?
>>
>> Best Regards,
>> Raphael
>> _______________________________________________
>> Ntop-misc mailing list
>> [email protected]
>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc
